The Friday Tech Takeaway - 28.07.17

Beware the killer car washes! Forget hijacking smart light bulbs. Researchers claim they can hack into internet-connected car wash machines from the other side of the world and potentially turn them into death traps. In a presentation at the Black Hat conference in Las Vegas on Wednesday, Billy Rios, founder of security shop Whitescope, and Jonathan Butts, committee chair for the IFIP Working Group on Critical Infrastructure Protection, showed how easy it was to compromise a widely used car wash system: the Laserwash series manufactured by PDQ, based in Wisconsin, USA https://www.theregister.co.uk/2017/07/27/killer_car_wash/

Majoriy of Security Pros let producitivity trump security: A survey found that 64% of IT security professionals will tweak security to give workers more flexibility to be productive when asked by top executives. Tension between the IT security department and workers' desire to remain as productive as possible continues to thrive, according to a report released today by Bromium.

The survey of 175 security professionals found that 64% of respondents admit to lowering the security bar when asked by top executives to allow workers the flexibility to remain productive https://goo.gl/7N63re

Three new CIA hacking tools for MAC and Linux exposed: WikiLeaks has just published a new set of classified documents linked to another CIA project, dubbed 'Imperial,' which reveals details of at least three CIA-developed hacking tools and implants designed to target computers running Apple Mac OS X and different flavours of Linux operating systems http://thehackernews.com/2017/07/linux-macos-hacking-tools.html

Roomba Maker Preparing to Sell Maps of Your Home to Advertisers: iRobot's CEO Colin Angle announced plans to sell maps of users' homes to advertisers. In 2015, iRobot started selling Roomba models capable of mapping homes, so the vacuums would know where they should go, and stop bumping into furniture.

Until now, these maps have only been used internally on the device to aid its navigation and understanding of its environment. But having realised the commercial possibilities, iRobot now plans to sell its maps to online advertisers like Amazon, Apple and Google https://goo.gl/WAfMfx

Cohda Wireless tests vehicle-to-pedestrian (V2P) technology on city streets: The technology makes use of available 4G networks to allow riders, drivers and pedestrians who are further away to reliably receive necessary information. Before a driver turns a blind corner the system will notify them of any pedestrian or cyclist crossing the adjacent street. The system was tested using other common scenarios, such as a car and a cyclist approaching a blind corner, a car reversing out of a driveway, and a car approaching a pedestrian crossing https://goo.gl/WQjLKi

Chrome for Android caught on the hop for credit card prefill: Chrome for Android did not use the FLAG_SECURE flag in credit card prefill settings, potentially exposing sensitive data to other applications on the same device with the screen capture permissions. The vendor (Google) fixed this issue in Chrome M59. Google has assigned CVE-2017-5082 to track this issue. https://goo.gl/2K63Gg

MacOS malware in the wild: Mac users who believe they are immune to malware might be in for a shock – now even Macs can become infected with viruses that could silently spy on users. An unusual piece of malware that can remotely take control of webcams, screens, mouse and keyboards and install additional malicious software has been infecting hundreds of Mac computers for more than five years, and was detected just a few months back.

Bare metal exposed at Black Hat 2017: When enterprises build their security models based on implied trust at the hardware and firmware level, they're building them on a foundation of sand. Security researchers are going to repeatedly hammer that lesson home at Black Hat this week as they demonstrate a range of vulnerabilities, attack techniques and tools designed to get as close to the bare metal of systems as possible. https://goo.gl/fEJhdL

32M implants microchips in employees: Marketing solution provider Three Square Market (32M) has announced that it has partnered with Swedish biohacking firm BioHax International to offer microchips to all their employees. Although the programme is optional, the company wants at least 50 employees to undergo the biohacking procedure.

Like previous bio hacks, the chips will be implanted underneath the skin between the thumb and forefinger, and will use near-field communications (NFC) — the same technology that makes contactless credit cards and mobile payments possible — along with radio-frequency identification (RFID) https://goo.gl/LqPdPA

Augmented reality to see rapid growth: According to the latest research from MarketsandMarkets™, the augmented reality (AR) market is expected to grow from $2.39 billion in 2016 to $61.39 billion by 2023, at a CAGR of 55.71% between 2017 and 2023. The increasing demand for AR devices and applications in healthcare, retail and e-commerce, and rising investment in the AR market are the major drivers https://goo.gl/TnMwMj

USA to screen tablets, e-readers and handheld games before they fly: Domestic air passengers within the USA will be required to remove any electronic device larger than a smartphone from their carry-on bags for screening before boarding. A Transport Security Agency (TSA) announcement names “tablets, e-readers and handheld game consoles” as the target of the new rules, which “require travellers to place all electronics larger than a cell phone in bins for X-ray screening in standard lanes.”